Cyber Security and Next Gen Systems

Similar documents
Telephony Denial of Service (TDoS) Attacks. Dan York, CISSP Chair, VoIP Security Alliance

Next Generation 9-1-1

Recommended IP Telephony Architecture

State of New Mexico Statewide Architectural Configuration Requirements. Title: Network Security Standard S-STD Effective Date: April 7, 2005

Intrado Emergency Routing Service (ERS) Canada Service Guide Version

Geographic Information Systems (GIS)

EENA NG112 Committee. Long Term Definition Document Conference call 1 of February 2012

nexvortex VOIP DISASTER RECOVERY BUSINESS SOLUTION

State of Texas. TEX-AN Next Generation. NNI Plan

Matrix Technical Support Mailer 27 SIP to SIP & SIP to PSTN calling through SIP Registrar (ITSP)

IOWA STATEWIDE NG9-1-1 GIS STANDARDS. Presented by Iowa HSEMD and

Security issues in Voice over IP: A Review

Network Security Policy

Session Border Controllers in Enterprise

Ingate Firewall/SIParator SIP Security for the Enterprise

ESINET NG911. Aparna Pragadeeswar Vinoth

Your Voice is Critical. OpenScape Enterprise voice solutions gives power to voice

Understanding Cyber Defense A Systems Architecture Approach

Draft ITU-T Recommendation X.805 (Formerly X.css), Security architecture for systems providing end-to-end communications

ERS Canada Service Guide. Version

Securing SIP Trunks APPLICATION NOTE.

HIPAA Security Alert

NG Deployments in U.S.A.

White Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act

S-Series SBC Interconnect Solutions. A GENBAND Application Note May 2009

T.38 fax transmission over Internet Security FAQ

SIP Trunking with Microsoft Office Communication Server 2007 R2

NG9-1-1 Explained. John Chiaramonte, PMP, ENP. April 14, 2011

Preparatory Meeting for Phase 2 of Philippine National ENUM Trial

VoIP Resilience and Security Jim Credland

Written Testimony of John L. Barnes Director of Product Development Verizon Business. Hearing on VoIP: Who Has Jurisdiction to Tax It?

Presented by Christopher Duxler Operations Director for ECaTS, a product of Direct Technology.

NICE s NG9-1-1 Solution

IP Voice Reseller. Deliver the VoIP services your customers demand without costly infrastructure investment or increased management complexity.

Frequently Asked Questions about Integrated Access

ENTERPRISE SESSION BORDER CONTROLLERS: SAFEGUARDING TODAY S AND TOMORROW S UNIFIED COMMUNICATIONS

ENUM: an Enabler for VoIP and Next Generation Services

An Overview of the SaskTel Hosted Contact Centre Solution Design and Delivery Principles, and Core Architecture

Wanderlust: Enabling roaming in the LTE era. Don Troshynski Vice President, Solutions Architecture

Your Voice is Critical. OpenScape Enterprise voice solutions gives power to voice

4G Americas Technical Report Analysis of Transitioning to NG9-1-1 from a Wireless Service Provider Perspective

SIP and VoIP 1 / 44. SIP and VoIP

Common Cyber Threats. Common cyber threats include:

Security Whitepaper: ivvy Products

Cloud Security: Evaluating Risks within IAAS/PAAS/SAAS

WHITE PAPER. Addressing Inter Provider Connections with MPLS-ICI CONTENTS: Introduction. IP/MPLS Forum White Paper. January Introduction...

HP Next-Generation Network Security Solutions Radoslav Georgiev Technical Consultant HP Networking

The on NG9-1-1 Part I of III

Evolution & Revolution. Avaya s Reference Architecture For Unified Communications. Gianluca Attura Amministratore Delegato Avaya Italia S.p.A.

Pass-the-Hash. Solution Brief

An outline of the security threats that face SIP based VoIP and other real-time applications

NG 911 & Consolidation: The Future of your PSAP

THE FUTURE OF SMART GRID COMMUNICATIONS

HRPD Support for Emergency Services

Redundancy for Corporate Broadband

Building The Human Firewall. Andy Sawyer, CISM, C CISO Director of Security Locke Lord

Complete Protection against Evolving DDoS Threats

Addressing Inter Provider Connections With MPLS-ICI

7. Public Key Cryptosystems and Digital Signatures, 8. Firewalls, 9. Intrusion detection systems, 10. Biometric Security Systems, 11.

GOVERNANCE AND SECURITY BEST PRACTICES FOR PAYMENT PROCESSORS

Configuring a Mediatrix 500 / 600 Enterprise SIP Trunk SBC June 28, 2011

HIPAA Privacy & Security White Paper

STRATEGIC POLICY. Information Security Policy Documentation. Network Management Policy. 1. Introduction

Cyber Security and Critical Information Infrastructure

Business Continuity protection for SIP trunking service

4G Mobile Networks At Risk

1 ABSTRACT 3 2 CORAL IP INFRASTRUCTURE 4

Police. 21st Century Security Problem for Police Authorities.

Broadband Networks Virgil Dobrota Technical University of Cluj-Napoca, Romania

Understand Wide Area Networks (WANs)

Results for Next Generation 112: Emergency services operational requirements survey

Managing IT Security with Penetration Testing

Delivering UC Solutions UC Summit

White paper. TrusGuard DPX: Complete Protection against Evolving DDoS Threats. AhnLab, Inc.

Datawire Secure Transport Value Proposition

A Model-based Methodology for Developing Secure VoIP Systems

All-IP Network Emergency Call Support

Network & Information Security Policy

Corporate Policy and Procedure

NETWORK AND CERTIFICATE SYSTEM SECURITY REQUIREMENTS

VoIP Security, an overview of the Threat Landscape

Alcatel-Lucent 1300 Convergent Network Management Center OPEX REDUCTION THROUGH INTEGRATED NETWORK MANAGEMENT

Glossary of Terms and Definitions

Information Systems and Electronic Communications in Logistics Management

Secure VoIP for optimal business communication

COPYRIGHTED MATERIAL. Contents. Foreword. Acknowledgments

Building Voice VPN with Simton IPX

Transcription:

Cyber Security and Next Gen Systems Jay English Director Comm. Center & 9-1-1 Services APCO International 2013; all rights reserved

Topics to Cover NG9-1-1 Emerging technology and emerging threats Basic types of threats FirstNet and Security Planning and Preparation 2013; all rights reserved

NG9-1-1? Legacy 9-1-1 systems are relatively secure, and while threats exist they are somewhat limited TDoS Carrier outages Capacity issues While secure, the system is extremely dated and limited. Location limitations Media capabilities CAMA trunks / Circuit switched technology 2013; all rights reserved

NG9-1-1 Next Generation systems will be a network of networks providing connectivity between PSAPs on a network within a specified geographic area to other networks both regionally and nationally With advancement of technology comes an increased threat of infiltration and exploitation of the system Reliant on data rather than traditional voice NG9-1-1 systems and ESINets will be vulnerable to the same threats as existing IP networks and systems 2013; all rights reserved

Clients Access Networks Origination Networks Emergency Services IP Network (ESInet) Domains Government Services Legacy PSAP/Emergency Responders IM Clients LISs CSP Call Server Public Web Services DNS Legacy PSAP Gateway Multimedia Services NG9-1-1 (i3) PSAP SIP/H.323 clients Public Access IP Networks E-CSCF (IMS) Global Internet, Private Networks or IMS Location Validation Web Interface ECR Web Interfaces Originating Border Control ESInet Originating ESRP Terminating Border Control ESInet Terminating ESRP Wireless/IP Client Emergency Call Routing & Location Validation Databases Legacy Network Gateway Private Web Services Supplemental Services Databases NG9-1-1 (i3) PSAP PSTN client Legacy Circuit- Switched Networks Wireless/CS Client NOTE: Elements labeled in italic bold blue are in scope for this document. All others are shown for completeness only. 5

Types of Threats Destruction: Physical destruction of information or communications systems rendering them unusable Corruption: The changing of information such that it is no longer accurate or useful Removal: The removing of information so that it cannot be accessed, but is not destroyed Disclosure: Unauthorized release of confidential or sensitive information to the detriment of owner of said data Interruption: Interfering with communications such that legitimate users cannot send or receive messages 6

Cyber Security and FirstNet Secure communications are a core requirement for FirstNet Requirements include user credentialing, access control, authentication, auditing, confidentiality, data integrity, physical security, and applications High level network requirements include services, device management and identity management Services may be provided by a central authority and delivered through either centralized or distributed service mechanisms Included in the security specifications under consideration is the concept of a trusted zone and a trusted vulnerable zone 2013; all rights reserved

8 Trusted Zones

9

Planning and Preparation Have a pre-plan. The TDoS attacks resulted in activation of a task force to provide best practices and much needed cooperation amongst multiple parties. Those best practices can be found here: Learn about NG9-1-1. There are a number of resources available to provide education on NG9-1-1 and emerging technologies. Here are a couple of places to start: 10

Planning and Preparation Look into available security options for the networks all the way to the PSAP equipment level. Consider what your records systems will integrate with, your CAD and mobile requirements, recording and retention requirements, and integration of any outside network into your closed PSAP or jurisdictional systems. Research FirstNet and emerging Apps: FirstNet is exciting technology and will bring some tremendous capabilities to the public safety community. APCO encourages all members of the public safety community to begin researching, and understanding, the networks and systems that will make up FirstNet here: 11

Planning and Preparation Once you have a fundamental understanding of the concepts here, look into the Security and Priority sections of the FirstNet Statement of Requirements, found here: This research into security requirements provides you with a toolbox of information and questions as well as some design considerations for your own systems. 12

Planning and Preparation In addition to the actual FirstNet system, applications will play a key role in public safety. Today, apps are fun and convenient ways to send messages, retrieve information about a selected topic, or even find the closest place to eat when you re traveling. Tomorrow, they will provide life saving services and links to public safety in near realtime. Understanding the make up of emerging apps is critical to understanding how our networks of tomorrow will work. APCO has established a web site specifically designed to provide public safety professionals with a one stop source of information on public safety related apps. The site can be found here:. 13

Evolution not Revolution The security DNA of our networks will define our success 14

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information